header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Remote Buffer Overflow Exploit in ATNBaseLoader100.dll

This exploit targets a remote buffer overflow vulnerability in the ATNBaseLoader100.dll module, version 5.4.0.6. It can be triggered by passing 272 characters to the Send485CMD method, causing the EIP to be overwritten. The SetLoginID, AddSite, SetScreen, and SetVideoServer methods are also vulnerable to less convenient overflows or seh overwrite.

OS X kernel use-after-free due to bad locking in IOAcceleratorFamily2

In IOAccelContext2::clientMemoryForType the lock_busy/unlock_busy should be extended to cover all the code setting up shared memory type 2. At the moment the lock doesn't protect two threads racing where one reaches the release at +0x56AD (outside the lock) while the other is still using those raw pages via the raw pointer at IOAccelContext+0x610 inside the locked region.

Kernel NULL pointer dereference in IOAudioEngine

The closeClient() method in IOAudioEngineUserClient class sets the audioEngine member pointer to NULL. However, the safeRegisterClientBuffer method uses the audioEngine pointer without checking if it's NULL. This can lead to a NULL pointer dereference vulnerability. By calling the getStreamForID method, which calls a virtual function on a member, an attacker can control the RIP register.

FlaP v.1.0. Beta <= Remote File Inclusion Vulnerability

The FlaP v.1.0. Beta application is vulnerable to remote file inclusion, allowing an attacker to include and execute arbitrary files on the server. This vulnerability can be exploited by providing a malicious file path as a parameter in the affected PHP files (skin/html/table.php and login.php). The vulnerable code snippets in these files use the 'include' function to include the specified file without proper sanitization or validation.

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution

This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

Recent Exploits: